Paper 2022/1006

A Forward-secure Efficient Two-factor Authentication Protocol

Steven J. Murdoch, University College London
Aydin Abadi, University College London
Abstract

Two-factor authentication(2FA)schemes that rely on a combination of knowledge factors (e.g., PIN) and device possession have gained popularity. Some of these schemes remain secure even against strong adversaries that (a) observe the traffic between a client and server, and (b) have physical access to the client’s device, or its PIN, or breach the server. However, these solutions have several shortcomings; namely, they (i) require a client to remember multiple secret values to prove its identity, (ii) involve several modular exponentiations, and (iii) are in the non-standard random oracle model. In this work, we present a 2FA protocol that resists such a strong adversary while addressing the above shortcomings. Our protocol requires a client to remember only a single secret value/PIN, does not involve any modular exponentiations, and is in a standard model. It is the first one that offers these features without using trusted chipsets. This protocol also imposes up to 40% lower communication overhead than the state-of-the-art solutions do.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
two factor authentication hardware token
Contact author(s)
s murdoch @ ucl ac uk
aydin abadi @ ucl ac uk
History
2022-08-07: approved
2022-08-04: received
See all versions
Short URL
https://ia.cr/2022/1006
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/1006,
      author = {Steven J. Murdoch and Aydin Abadi},
      title = {A Forward-secure Efficient Two-factor Authentication Protocol},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/1006},
      year = {2022},
      url = {https://eprint.iacr.org/2022/1006}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.